Vulnerability CVE-2023-41164
Published: 2023-11-03

Description:
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.

 References:
https://www.djangoproject.com/weblog/2023/sep/04/security-releases/
https://docs.djangoproject.com/en/4.2/releases/security/
https://groups.google.com/forum/#!forum/django-announce
Copyright 2026, cxsecurity.com

 

Back to Top